To:
bill <bmanning@karoshi.com>
CC:
Alain Durand <Alain.Durand@Sun.COM>, itojun@iijlab.net, dnsop@cafax.se
From:
Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>
Date:
Thu, 13 Nov 2003 02:05:06 +0900
In-Reply-To:
<200311121532.hACFWxX00449@karoshi.com>
Sender:
owner-dnsop@cafax.se
User-Agent:
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax)
Subject:
Re: well-known addresses / was DNS discovery
bill; > to reiterate my concerns expressed at the mic yesterday, Thank you very much. > Ohta-san, would you be comfortable with 200,000,000 devices > being shipped with the IP address 131.112.32.188 (the address > of one of your organizations nameservers) being burned into > eeprom? I will be comfortable with 200,000,000 devices being shipped with the IP address 127.0.0.1 (an anycast address) being burned into eeprom, which was the point of my comment to you, yesterday. I'll be fine if 127.0.0.1 is replaced by some anycast address, as long as certain address range (say /24 in the C swamp or /16 in class B) of the address is not used by anyone. > disclaimers about restricting, by IETF fiat, well known addresses > to special IP ranges will -NOT- work in the real world. I'm not sure what you mean. Each well know addresses may have its own range to protect against route filtering and there is no requirement of mine that the addresses are restricted to special IP range. > If you are willing to commit your enterprise to absorb 0.1% > of the total packets generated by 200,000,000 devices, then > perhaps I will be persuaded that use of well-known addresses > is an operationally acceptable technique. 200,000 devices are not for usual enterprises (or universities) but for ISPs of medium scale. But, I know an ISP, internal of which I know well, with >3,000,000 subscribers is operating DNS servers for all the subscribers. So, what is the problem? > Yes, I know we do it now and it reduces the level of effort > in getting new features deployed, but in -EVERY- case, the > use of well known addresses has caused problems. I think I have shown a solution on the problem on root server addresses with anycast addresses and AS numbers. If there are other cases, let me know so that I can try to use anycast approach for the problems. Masataka Ohta #---------------------------------------------------------------------- # To unsubscribe, send a message to <dnsop-request@cafax.se>.